(Updated) Microsoft 365 Copilot: Copilot chat pane and Summary feature in OneNote Mobile (Android)

🚨 The Signal: Copilot in OneNote Mobile (Android) now summarises notes and answers questions. This expands AI access to sensitive data on mobile, increasing data exposure risk if not properly governed by existing Copilot controls.

The Impact

Users with Copilot licenses on Android are affected, increasing the risk of sensitive information exposure via AI if existing data governance is not robust.

• Copilot-licensed users: New AI features on mobile could expose sensitive notes.
• Security teams: Must ensure existing Copilot data governance extends to mobile.
• Data owners: Increased risk of data leakage if mobile OneNote content is not classified.

The Action

1. Review existing Microsoft 365 Copilot data governance policies to ensure they adequately cover mobile device access and data processing.
2. Verify that sensitivity labels and data loss prevention (DLP) policies are correctly applied to OneNote content, especially for mobile access.
3. Communicate to users the appropriate use of Copilot on mobile, particularly regarding sensitive information in OneNote.
4. Monitor Copilot usage logs for OneNote Mobile to identify any anomalous data access patterns.

Domain: Agentic-AI · Impact: medium · Workload: M365 Apps